JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.68.214.42

103.68.214.42 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	PT Media Grasi Internet
Usage Type	Fixed Line ISP
ASN	AS150517
Domain Name	mediagrasi.net
Country	🇮🇩 Indonesia
City	Pasarkemis, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.68.214.42

Whois 103.68.214.42

IP Abuse Reports for 103.68.214.42:

This IP address has been reported a total of 16 times from 7 distinct sources. 103.68.214.42 was first reported on August 20th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 nyuuzyou	2024-11-15 04:06:55 (1 year ago)	Intensive scraping: /web?s=%22Powered%20by%20s9y%22%20%22Remember%20Information%3F%22%20%22%EF%BB%BF ... show more Intensive scraping: /web?s=%22Powered%20by%20s9y%22%20%22Remember%20Information%3F%22%20%22%EF%BB%BF%E3%83%AB%E3%83%96%E3%83%A9%E3%83%B3%20%E3%83%A2%E3%83%87%E3%83%AB%22%20vollst%C3%A4ndig&country=ng-ng&scraper=yep. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68. show less	Bad Web Bot
Anonymous	2024-10-29 05:41:14 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇲🇹 Malta	2024-10-16 23:28:22 (1 year ago)	103.68.214.42 - - [17/Oct/2024:01:28:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 103.68.214.42 - - [17/Oct/2024:01:28:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" show less	Hacking Web App Attack
Anonymous	2024-10-02 04:16:06 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-09-19 09:11:52 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.68.214.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.68.214.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 19 05:11:42.581995 2024] [security2:error] [pid 31464:tid 31464] [client 103.68.214.42:46420] [client 103.68.214.42] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.68.214.42 (+1 hits since last alert)\|www.soberbrains.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.soberbrains.com"] [uri "/xmlrpc.php"] [unique_id "Zuvqzso4prZf9kiMHZPgugAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-09-05 02:26:49 (1 year ago)	103.68.214.42 - - [05/Sep/2024:04:26:48 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 103.68.214.42 - - [05/Sep/2024:04:26:48 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 octageeks.com	2024-09-01 04:08:16 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 octageeks.com	2024-08-31 04:08:15 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 octageeks.com	2024-08-29 04:08:16 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 TPI-Abuse	2024-08-28 06:49:23 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.68.214.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.68.214.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 02:49:14.682171 2024] [security2:error] [pid 16423:tid 16423] [client 103.68.214.42:48594] [client 103.68.214.42] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.68.214.42 (+1 hits since last alert)\|www.manosentuayuda.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.manosentuayuda.org"] [uri "/xmlrpc.php"] [unique_id "Zs7IajTCXX-nDwzMMZpTvwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2024-08-27 18:12:35 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 octageeks.com	2024-08-27 04:08:19 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 sterile.network	2024-08-25 15:27:27 (1 year ago)	This IP (103.68.214.42) was detected to be part of a medium scale DDoS attack involving (116) other ... show more This IP (103.68.214.42) was detected to be part of a medium scale DDoS attack involving (116) other IPs/Proxies. show less	DDoS Attack
🇲🇹 Malta	2024-08-25 12:52:38 (1 year ago)	103.68.214.42 - - [25/Aug/2024:14:52:37 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 103.68.214.42 - - [25/Aug/2024:14:52:37 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2024-08-24 11:54:42 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 186.147.162.215

🇺🇸 147.185.132.207

🇵🇱 87.251.64.155

🇺🇸 66.132.172.54

🇨🇳 14.103.10.167

🇬🇪 2.57.217.229

🇨🇳 220.180.157.138

🇳🇱 176.65.149.201

🇩🇪 164.90.208.56

🇫🇮 138.124.5.60

🇨🇳 106.117.110.89

🇧🇩 103.26.246.111

🇳🇱 89.42.231.160

🇨🇦 85.217.149.72

🇧🇷 45.164.251.106

🇨🇳 14.116.172.42

🇨🇳 218.200.129.9

🇺🇸 206.81.12.187

🇲🇽 186.96.145.241

🇮🇩 180.252.251.18